Administering CA Output Management Web Viewer › Profile Object › Profile Security and Auditing
Profile Security and Auditing
Since a Profile lets many users share a single set of mainframe security credentials, extra care should be used in defining the access granted to CA View or CA Bundl by these credentials.
Determining Access
- To determine who has access to a Profile, you must ascertain which Roles have this Profile. These Roles are listed in the Assigned Roles drop-down on the edit Profile pane.
- Anyone who can successfully log into one of the Assigned Roles can access this Profile.
- Depending on the permissions in the Roles, users may not have complete access to all the information a Profile has access to. However, a Role using a particular Profile can never have access to more information than the Profile.
Disseminating Information
- All repositories or data assigned to a Profile’s credentials for CA View or CA Bundl can be assigned to any Basic User type Role by the System Administrator or the Group Administrator who created the Profile object.
- Members of the Role who created the Profile object are responsible for assigning it to the correct Roles and users.
- Anyone in the same Role as a Profile’s creator will be able to grant the right to grant the Profile to other Roles.
- Additionally, the System Administrator Role can assign the Profile to any Role.
- Once you give a Profile access to information (Repositories or Reports), members of the Group Administrator Role that created the Profile or the System Administrator can assign any the information that Profile has access to any Basic User type Role they have access to edit.
Auditing User Access
- CA OM Web Viewer provides you with the ability to audit the actions of all users, and does not treat all users in a single Profile as a single user.
- Although to CA View or CA Bundl auditing, all the LDAP users logged into a single Profile appear to be the same user logged in multiple times, in CA OM Web Viewer auditing they will audited separately.
For example, if User A and User B both share a Profile, their actions will be audited separately in CA OM Web Viewer, but might appear like the same user logged in twice to CA View or CA Bundl auditing since they are using the same credentials as provided by the Profile.
For more information see Audit Log or Auditing Preferences
|
Copyright © 2011 CA.
All rights reserved.
|
|
